Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.0835 Multiple Vulnerabilities in Cisco Unity Connection 2 April 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco Unity Connection Publisher: Cisco Systems Operating System: Cisco VMware ESX Server Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2015-0612 CVE-2015-0613 CVE-2015-0614 CVE-2015-0615 CVE-2015-0616 Original Bulletin: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple Vulnerabilities in Cisco Unity Connection Advisory ID: cisco-sa-20150401-cuc Revision 1.0 For Public Release 2015 April 1 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Cisco Unity Connection contains multiple vulnerabilities, when it is configured with Session Initiation Protocol (SIP) trunk integration. The vulnerabilities described in this advisory are denial of service vulnerabilities impacting the availability of Cisco Unity Connection for processing SIP messages. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBVRthYopI1I6i1Mx3AQLsfQ/+JPtMJZeOiBGfZSKcJxtrnc+BeoKgtkvx gGdX0EOMa15GJRKRGg0tVgPs9L1zMjwk7agVD5Y+Bs0stPvKzHAsc8mJlX0y9CHD YHfBPnqLjiLHZF/Dke9O5TtetHR1GEn4p9dgUihb/ke7leR8Yl6V7oqvBw6CdWCG 0MOQoGb1sVzFqys+QcUuN7rNNI+rRnFqEciqqmuV8FIkO8H1epxgd3dFobo+aCqA nvtBsfS8/q7M+kNG31p+Qh1JAFkwFwLiUolJwZlEDDf6uWnm8aP5apKKkb8FXqls Cvb6xUag9QgqJrB0W99tWnNE3T1UEsAC5CKRSxbyMFi4y/kG85LIuk7/gNw67i/A zhCDmwAbfM/r+HX30vIcVH5KOtKlBxeUJCWidbDrFZb8UGsdCuGgMRCrNWaPz/p3 0Za4LVVT6zbwq6x4Zbuuhxp+5FoRMYXp5xeI5XILncEsBRCzzccwSNq1znOjrLtz 5Z1X+CGjmNoOOJxaQL+tJIHN7OKaS891d29Md74NsugrEOryETuAgNYrufQqx3xZ qY+brvbvCUuw0SbCtiKmzKLzh6VYhVWCWbgtAjto/rMFh4HVhvmQ9v/TUaJUM5ZC xxxBBVzWAxiJs+fCV3YOzV5XTXEHbUe+qzKRMdMMnnpZvHFWU2RyusuV53pmx9w6 tHCBgvscchI= =Yrq3 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVRybUxLndAQH1ShLAQIi0BAApCPHsr/8K+ha53EcV1kfGNVPud12xrpR wx+eiaa/Bg0X6auIlYrs7yHChjXhlTbCGgghl/gslIyN4rwoCeO/T3+whz62avG/ MRnnPvdeqao7ajO+I6C5OSEGst8flfoPhx8lWM6jG6X6fwbmjxtmfiyIDYx2KwVr mkk0F71IH6q0ewRv0djIenT7vYgtA4IJg04gm0jP28F+n+mf752+1mQL1b3maTJz /lzymGYG2D06+cBMSvI71VcLp4mCvwB+3DTEpb/kiNZMxI6egvfnJnoVvPzK+05c YmO49H228mFR+QgRytoWQDmOA8YWkyDFc+LiO9mGMr8Ez6KRz2CM34qFJL349MFN Qe0WkmuuaJeQVpuFAbVvpwqy/1ceCt+7FX2K2hYr23MeQzSazR2Q1WLX/WcyACLm sPcBn+1dCAABFDGn6/x+/QDUgVO6C12nK/CrTseH4GbAINMeIFWraTrcWJqgmo76 kio7QA6fNNEg13nFvukvbTKQLqmGADtzQkhknKo75+NHbkpoKP2tTAd7Dtjg254d KfqBo2RqHWXJDIs8Tcbb1VHj/aA+so+M16Uh/+M/JJs0Qs/k4NUKzfY86t/ZIVs5 DT/C6gMXhF1JXYJsphGHITjANKiFjtADdikin3iBMWEs+rsUpcVqKvDHH9FKYRkV J/1bKfGdR3k= =Wabu -----END PGP SIGNATURE-----